2007-02-10 02:14:24

by Brian Behlendorf

[permalink] [raw]
Subject: e2fsprogs coverity patch <cid-21.diff>

Lawrence Livermore National Labs recently ran the source code
analysis tool Coverity over the e2fsprogs-1.39 source to see
if it would identify any significant bugs. The analysis
turned up 38 mostly minor issues which are enumerated here
with patches. We went through and resolved these issues
but would love to see these mostly minor changes reviewed
and commited upstream.

Brian Behlendorf <[email protected]>, and
Herb Wartens <[email protected]>

Coverity ID: 21: Resource Leak

Potentially need to free argv before early return since it was allocated
memory. Need to be careful since it may be possible for ss_parse() to have
freed the memory allocated to it if it detects an unbalanced set of quotes
passed to it.

Index: e2fsprogs+chaos/lib/ss/execute_cmd.c
--- e2fsprogs+chaos.orig/lib/ss/execute_cmd.c
+++ e2fsprogs+chaos/lib/ss/execute_cmd.c
@@ -220,8 +220,11 @@ int ss_execute_line (sci_idx, line_ptr)

/* parse it */
argv = ss_parse(sci_idx, line_ptr, &argc);
- if (argc == 0)
+ if (argc == 0) {
+ if (argv)
+ free(argv);
return 0;
+ }

/* look it up in the request tables, execute if found */
ret = really_execute_command (sci_idx, argc, &argv);